Static task
static1
Behavioral task
behavioral1
Sample
25925ffe98aa7319b278c5763bfba43c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
25925ffe98aa7319b278c5763bfba43c_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
25925ffe98aa7319b278c5763bfba43c_JaffaCakes118
Size
121KB
MD5
25925ffe98aa7319b278c5763bfba43c
SHA1
5af37d387276e7f83fc0474dae23f8f4956d16f2
SHA256
6a249360d9943087268f920ed1d7533c6b8adea84efb803f09e3b5b9cbe8cc99
SHA512
0d5a0c8af7539667f838a3b8a57cd76a56954f9e4b49eee292aa38341443ec6dba9aadd61272b365b3cbe9eecc81ed19cf82cbc089ed27516cfecb05e2155d5e
SSDEEP
1536:C21/UtvNC0ZUB5m/TVnD9OHhruBLzCLMXQzR2+aPeds70/DA2jfi6/Y1lh1cRxfO:CQ/clCdcJUiLzCL3m2t/DA1cRxf1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 25925ffe98aa7319b278c5763bfba43c_JaffaCakes118
Files
25925ffe98aa7319b278c5763bfba43c_JaffaCakes118.exe windows:5 windows x86 arch:x86
574a13e2f2fdf25a9142126db0521ba7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
VirtualAlloc
lstrcmpA
GetModuleHandleA
QueryPerformanceCounter
lstrcmpiW
GetWindowsDirectoryA
VirtualFree
CopyFileA
RemoveDirectoryA
RemoveDirectoryW
FindClose
lstrcmpiA
GetCommandLineA
lstrlenA
DeleteFileA
lstrlenW
GlobalFindAtomA
gdi32
CreateFontIndirectA
GetObjectA
GetTextMetricsA
GetClipBox
SelectObject
CreateSolidBrush
GetPixel
CreatePalette
LineTo
RestoreDC
SetTextColor
DeleteDC
SetTextAlign
SetStretchBltMode
SetMapMode
SaveDC
GetStockObject
RectVisible
DeleteObject
user32
GetSystemMetrics
GetDC
GetDesktopWindow
GetParent
CharNextA
TranslateMessage
glu32
gluNurbsCallback
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ